<?php

$json = array('status' => 'error', 'msg' => 'error', 'data' => '');
$usr = fn_post('usr');
$pwd = fn_post('pwd');

if (!$usr) {
  $json['msg'] = '用户名或密码错误!';
} elseif (!$pwd) {
  $json['msg'] = '密码或用户名错误!';
} else {
  $merchant = $this->website['class']['db']
    ->table('user_merchant')
    ->where('uname=?',$usr)
    ->one();
  $json['data'] = $merchant;
  if (!($merchant['pwd'] ?? false)) {
    $json['msg'] = '无效用户，请重新登录!';
  } elseif (password_verify($merchant['id'] . $pwd, $merchant['pwd'])) {
    unset($merchant['pwd']);
    $json['status'] = 'ok';
    $json['msg'] = 'ok';
    $merchant['key'] = password_hash($merchant['id'] . $this->website['safe']['key'] . date('Ymd'), PASSWORD_DEFAULT);

    $_SESSION['merchant'] = json_encode($merchant);
    $json['merchant'] = $merchant;
  } else {
    unset($merchant['pwd']);
    $json['msg'] = '登录失败,重新输入用户名密码!';
  }
}

echo json_encode($json);
